Language:
https://issues.redhat.com/browse/JBEAP-18352
https://issues.redhat.com/browse/JBEAP-18361
https://issues.redhat.com/browse/JBEAP-18367
https://issues.redhat.com/browse/JBEAP-18393
https://issues.redhat.com/browse/JBEAP-18397
https://issues.redhat.com/browse/JBEAP-18409
https://issues.redhat.com/browse/JBEAP-18527
https://issues.redhat.com/browse/JBEAP-18528
https://issues.redhat.com/browse/JBEAP-18596
https://issues.redhat.com/browse/JBEAP-18598
https://issues.redhat.com/browse/JBEAP-18640
https://issues.redhat.com/browse/JBEAP-18653
https://issues.redhat.com/browse/JBEAP-18706
https://issues.redhat.com/browse/JBEAP-18770
https://issues.redhat.com/browse/JBEAP-18775
https://issues.redhat.com/browse/JBEAP-18788
https://issues.redhat.com/browse/JBEAP-18790
https://issues.redhat.com/browse/JBEAP-18818
https://issues.redhat.com/browse/JBEAP-18836
https://issues.redhat.com/browse/JBEAP-18850
https://issues.redhat.com/browse/JBEAP-18870
https://issues.redhat.com/browse/JBEAP-18875
https://issues.redhat.com/browse/JBEAP-18876
https://issues.redhat.com/browse/JBEAP-18877
https://issues.redhat.com/browse/JBEAP-18878
https://issues.redhat.com/browse/JBEAP-18879
https://issues.redhat.com/browse/JBEAP-18929
https://issues.redhat.com/browse/JBEAP-18990
https://issues.redhat.com/browse/JBEAP-18991
https://issues.redhat.com/browse/JBEAP-19035
https://issues.redhat.com/browse/JBEAP-19054
https://issues.redhat.com/browse/JBEAP-19066
https://issues.redhat.com/browse/JBEAP-19117
https://issues.redhat.com/browse/JBEAP-19133
https://issues.redhat.com/browse/JBEAP-19156
https://issues.redhat.com/browse/JBEAP-19181
https://issues.redhat.com/browse/JBEAP-19192
https://issues.redhat.com/browse/JBEAP-19232
https://issues.redhat.com/browse/JBEAP-19281
https://issues.redhat.com/browse/JBEAP-19456
https://access.redhat.com/security/updates/classification/#important
http://www.nessus.org/u?34e23b20
http://www.nessus.org/u?39676da8
http://www.nessus.org/u?b88364dd
https://access.redhat.com/errata/RHSA-2020:2511
https://bugzilla.redhat.com/show_bug.cgi?id=1607709
https://bugzilla.redhat.com/show_bug.cgi?id=1715075
https://bugzilla.redhat.com/show_bug.cgi?id=1730462
https://bugzilla.redhat.com/show_bug.cgi?id=1752770
https://bugzilla.redhat.com/show_bug.cgi?id=1764607
https://bugzilla.redhat.com/show_bug.cgi?id=1764612
https://bugzilla.redhat.com/show_bug.cgi?id=1772008
https://bugzilla.redhat.com/show_bug.cgi?id=1797006
https://bugzilla.redhat.com/show_bug.cgi?id=1797011
https://bugzilla.redhat.com/show_bug.cgi?id=1801380
https://bugzilla.redhat.com/show_bug.cgi?id=1802444
https://bugzilla.redhat.com/show_bug.cgi?id=1805006
https://bugzilla.redhat.com/show_bug.cgi?id=1807305
https://bugzilla.redhat.com/show_bug.cgi?id=1814974
https://bugzilla.redhat.com/show_bug.cgi?id=1816330
https://bugzilla.redhat.com/show_bug.cgi?id=1816332
https://bugzilla.redhat.com/show_bug.cgi?id=1816337
https://bugzilla.redhat.com/show_bug.cgi?id=1816340
https://bugzilla.redhat.com/show_bug.cgi?id=1828459
https://issues.redhat.com/browse/JBEAP-16114
https://issues.redhat.com/browse/JBEAP-18060
https://issues.redhat.com/browse/JBEAP-18163
https://issues.redhat.com/browse/JBEAP-18221
https://issues.redhat.com/browse/JBEAP-18240
https://issues.redhat.com/browse/JBEAP-18241
https://issues.redhat.com/browse/JBEAP-18273
https://issues.redhat.com/browse/JBEAP-18277
https://issues.redhat.com/browse/JBEAP-18288
https://issues.redhat.com/browse/JBEAP-18294
https://issues.redhat.com/browse/JBEAP-18302
Severity: Critical
ID: 137331
File Name: redhat-RHSA-2020-2511.nasl
Version: 1.12
Type: local
Agent: unix
Family: Red Hat Local Security Checks
Published: 6/11/2020
Updated: 11/7/2024
Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus
Risk Factor: Medium
Score: 6.7
Vendor Severity: Important
Risk Factor: High
Base Score: 7.5
Temporal Score: 5.9
Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS Score Source: CVE-2020-8840
Risk Factor: Critical
Base Score: 9.8
Temporal Score: 8.8
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C
CVSS Score Source: CVE-2020-9548
CPE: p-cpe:/a:redhat:enterprise_linux:eap7-weld-jta, p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-impl, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-vfs, p-cpe:/a:redhat:enterprise_linux:eap7-infinispan, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jettison-provider, p-cpe:/a:redhat:enterprise_linux:eap7-opensaml-xmlsec-impl, cpe:/o:redhat:enterprise_linux:6, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-jsf-api_2.3_spec, p-cpe:/a:redhat:enterprise_linux:eap7-jackson-annotations, p-cpe:/a:redhat:enterprise_linux:eap7-jaxb-xjc, p-cpe:/a:redhat:enterprise_linux:eap7-jackson-modules-base, p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-spi, p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-jms-server, p-cpe:/a:redhat:enterprise_linux:eap7-hibernate, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.1, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-crypto, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.2, p-cpe:/a:redhat:enterprise_linux:eap7-istack-commons-tools, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-genericjms, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-atom-provider, p-cpe:/a:redhat:enterprise_linux:eap7-codehaus-jackson-core-asl, p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-validator, p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-wildfly8, p-cpe:/a:redhat:enterprise_linux:eap7-microprofile-metrics-api, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-multipart-provider, p-cpe:/a:redhat:enterprise_linux:eap7-jackson-jaxrs-providers, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jackson-provider, p-cpe:/a:redhat:enterprise_linux:eap7-microprofile-rest-client-api, p-cpe:/a:redhat:enterprise_linux:eap7-cryptacular, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-weld-3.1-api, p-cpe:/a:redhat:enterprise_linux:eap7-microprofile-config, p-cpe:/a:redhat:enterprise_linux:eap7-opensaml-security-api, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-client, p-cpe:/a:redhat:enterprise_linux:eap7-opensaml-security-impl, p-cpe:/a:redhat:enterprise_linux:eap7-weld-ejb, p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-hornetq-protocol, p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-tools, p-cpe:/a:redhat:enterprise_linux:eap7-weld-web, p-cpe:/a:redhat:enterprise_linux:eap7-jaegertracing-jaeger-client-java-core, p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-service-extensions, p-cpe:/a:redhat:enterprise_linux:eap7-picketbox, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap6.4-to-eap7.3, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jsapi, p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-commons, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-core, p-cpe:/a:redhat:enterprise_linux:eap7-wss4j-ws-security-stax, p-cpe:/a:redhat:enterprise_linux:eap7-opensaml-xacml-impl, p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-cli, p-cpe:/a:redhat:enterprise_linux:eap7-relaxng-datatype, p-cpe:/a:redhat:enterprise_linux:eap7-microprofile-config-api, p-cpe:/a:redhat:enterprise_linux:eap7-apache-cxf-tools, p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-core-impl, p-cpe:/a:redhat:enterprise_linux:eap7-smallrye-config, p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-core-client, p-cpe:/a:redhat:enterprise_linux:eap7-microprofile-opentracing-api, p-cpe:/a:redhat:enterprise_linux:eap7-opensaml-soap-api, p-cpe:/a:redhat:enterprise_linux:eap7-codehaus-jackson-jaxrs, p-cpe:/a:redhat:enterprise_linux:eap7-jaxb-runtime, p-cpe:/a:redhat:enterprise_linux:eap7-weld-core-impl, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly16.0-server, p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-entitymanager, p-cpe:/a:redhat:enterprise_linux:eap7-glassfish-jaxb, p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-envers, p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-cachestore-remote, p-cpe:/a:redhat:enterprise_linux:eap7-jaegertracing-jaeger-client-java, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly13.0-server, p-cpe:/a:redhat:enterprise_linux:eap7-microprofile-rest-client, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-yaml-provider, p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-client-hotrod, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly9.0, p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-hqclient-protocol, p-cpe:/a:redhat:enterprise_linux:eap7-woodstox-core, p-cpe:/a:redhat:enterprise_linux:eap7-microprofile-health, p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-transaction-client, p-cpe:/a:redhat:enterprise_linux:eap7-codehaus-jackson-xc, p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-common-api, p-cpe:/a:redhat:enterprise_linux:eap7-opensaml-xmlsec-api, p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-core-api, p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-commons, p-cpe:/a:redhat:enterprise_linux:eap7-weld-core-jsf, p-cpe:/a:redhat:enterprise_linux:eap7-wss4j-ws-security-policy-stax, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.2-to-eap7.3, p-cpe:/a:redhat:enterprise_linux:eap7-jasypt, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly17.0-server, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly11.0, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly12.0, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly8.2, p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-ra, p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-deployers-common, p-cpe:/a:redhat:enterprise_linux:eap7-opensaml-core, p-cpe:/a:redhat:enterprise_linux:eap7-bouncycastle-pkix, p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-elytron, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-json-binding-provider, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-cli, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jaxrs, p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar-jdbc, p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-cachestore-jdbc, p-cpe:/a:redhat:enterprise_linux:eap7-smallrye-opentracing, p-cpe:/a:redhat:enterprise_linux:eap7-snakeyaml, p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-naming-client, p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-core, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly10.1, p-cpe:/a:redhat:enterprise_linux:eap7-opensaml-profile-api, p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-hibernate-cache-spi, p-cpe:/a:redhat:enterprise_linux:eap7-jackson-datatype-jsr310, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-validator-provider-11, p-cpe:/a:redhat:enterprise_linux:eap7-wss4j, p-cpe:/a:redhat:enterprise_linux:eap7-istack-commons-runtime, p-cpe:/a:redhat:enterprise_linux:eap7-opensaml-saml-impl, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly18.0-server, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-rxjava2, p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-hibernate-cache-commons, p-cpe:/a:redhat:enterprise_linux:eap7-opensaml-saml-api, p-cpe:/a:redhat:enterprise_linux:eap7-jackson-datatype-jdk8, p-cpe:/a:redhat:enterprise_linux:eap7-codemodel, p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-journal, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-client-microprofile, p-cpe:/a:redhat:enterprise_linux:eap7-microprofile-opentracing, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap6.4, p-cpe:/a:redhat:enterprise_linux:eap7-txw2, p-cpe:/a:redhat:enterprise_linux:eap7-sun-istack-commons, p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-hibernate-cache-v53, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-remoting-jmx, p-cpe:/a:redhat:enterprise_linux:eap7-jackson-databind, p-cpe:/a:redhat:enterprise_linux:eap7-bouncycastle, p-cpe:/a:redhat:enterprise_linux:eap7-rngom, p-cpe:/a:redhat:enterprise_linux:eap7-xsom, p-cpe:/a:redhat:enterprise_linux:eap7-jackson-module-jaxb-annotations, p-cpe:/a:redhat:enterprise_linux:eap7-jandex, p-cpe:/a:redhat:enterprise_linux:eap7-stax2-api, p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-transaction-client, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly15.0-server, p-cpe:/a:redhat:enterprise_linux:eap7-glassfish-jsf, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.3-server, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jose-jwt, p-cpe:/a:redhat:enterprise_linux:eap7-undertow, p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-ejb-client, p-cpe:/a:redhat:enterprise_linux:eap7-picketbox-infinispan, p-cpe:/a:redhat:enterprise_linux:eap7-jackson-modules-java8, p-cpe:/a:redhat:enterprise_linux:eap7-jackson-jaxrs-json-provider, p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-jdbc-store, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-eap7.0, p-cpe:/a:redhat:enterprise_linux:eap7-wss4j-ws-security-common, p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-server, p-cpe:/a:redhat:enterprise_linux:eap7-jackson-jaxrs-base, p-cpe:/a:redhat:enterprise_linux:eap7-hal-console, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly14.0-server, p-cpe:/a:redhat:enterprise_linux:eap7-opensaml-xacml-api, p-cpe:/a:redhat:enterprise_linux:eap7-opensaml, p-cpe:/a:redhat:enterprise_linux:eap7-apache-cxf-rt, p-cpe:/a:redhat:enterprise_linux:eap7-microprofile-metrics, p-cpe:/a:redhat:enterprise_linux:eap7-codehaus-jackson, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-ejb-client, p-cpe:/a:redhat:enterprise_linux:eap7-picketlink-bindings, p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-modules, p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-elytron-tool, p-cpe:/a:redhat:enterprise_linux:eap7-undertow-server, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jaxb-provider, p-cpe:/a:redhat:enterprise_linux:eap7-wildfly, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-cdi, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-weld-3.1-api-weld-spi, p-cpe:/a:redhat:enterprise_linux:eap7-weld-probe-core, p-cpe:/a:redhat:enterprise_linux:eap7-opensaml-xacml-saml-api, p-cpe:/a:redhat:enterprise_linux:eap7-ironjacamar, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-spring, p-cpe:/a:redhat:enterprise_linux:eap7-wss4j-ws-security-dom, p-cpe:/a:redhat:enterprise_linux:eap7-infinispan-core, p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-jms-client, p-cpe:/a:redhat:enterprise_linux:eap7-bouncycastle-prov, p-cpe:/a:redhat:enterprise_linux:eap7-bouncycastle-mail, p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-dto, p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-client-common, p-cpe:/a:redhat:enterprise_linux:eap7-weld-core, p-cpe:/a:redhat:enterprise_linux:eap7-hibernate-java8, p-cpe:/a:redhat:enterprise_linux:eap7-codehaus-jackson-mapper-asl, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-jackson2-provider, p-cpe:/a:redhat:enterprise_linux:eap7-wss4j-bindings, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-weld-3.1-api-weld-api, p-cpe:/a:redhat:enterprise_linux:eap7-jaxb-jxc, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-remoting, p-cpe:/a:redhat:enterprise_linux:eap7-resteasy-json-p-provider, p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-naming-client, p-cpe:/a:redhat:enterprise_linux:eap7-smallrye-metrics, p-cpe:/a:redhat:enterprise_linux:eap7-wss4j-policy, p-cpe:/a:redhat:enterprise_linux:eap7-jackson-core, p-cpe:/a:redhat:enterprise_linux:eap7-elytron-web, p-cpe:/a:redhat:enterprise_linux:eap7-smallrye-health, p-cpe:/a:redhat:enterprise_linux:eap7-apache-cxf-services, p-cpe:/a:redhat:enterprise_linux:eap7-jakarta-el, p-cpe:/a:redhat:enterprise_linux:eap7-apache-cxf, p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-http-client, p-cpe:/a:redhat:enterprise_linux:eap7-jaegertracing-jaeger-client-java-thrift, p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis, p-cpe:/a:redhat:enterprise_linux:eap7-activemq-artemis-selector, p-cpe:/a:redhat:enterprise_linux:eap7-slf4j-jboss-logmanager, p-cpe:/a:redhat:enterprise_linux:eap7-wildfly-javadocs, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-modules, p-cpe:/a:redhat:enterprise_linux:eap7-opensaml-xacml-saml-impl, p-cpe:/a:redhat:enterprise_linux:eap7-jboss-server-migration-wildfly10.0
Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/cpu
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 6/11/2020
Vulnerability Publication Date: 7/18/2018
CVE: CVE-2018-14371, CVE-2019-0205, CVE-2019-0210, CVE-2019-10172, CVE-2019-12423, CVE-2019-14887, CVE-2019-17573, CVE-2020-10688, CVE-2020-10705, CVE-2020-10719, CVE-2020-1695, CVE-2020-1719, CVE-2020-1729, CVE-2020-1745, CVE-2020-1757, CVE-2020-6950, CVE-2020-7226, CVE-2020-8840, CVE-2020-9546, CVE-2020-9547, CVE-2020-9548